Hackers nowadays will not only act alone in cybercrimes but will also offer the technologies, infrastructures and payment management as a service to other criminals in return for more financial returns for themselves through sharing of the proceeds. Under the threat of "cybercrime-as-a-service", the Hong Kong Computer Emergency Response Team Coordination Centre (HKCERT) reported a 23% rise in security incidents in Hong Kong in 2016, totalling 6,058, as compared to 2015.

Computer Security Incidents in 20166,058 Cases

Malware Attacks in 20161,139 Cases↑247%（328 cases, 2015）

Ransomware Incidents in 2016309 Cases↑506%（51 cases, 2015）

Source: Hong Kong Computer Emergency Response Coordintaion Centre

Turning to 2017, HKCERT expects the growing trend of "cybercrime-as-a-service" to lead to a proliferation of ransomware attacks in Hong Kong, with more threats to destroy or publicize the forcibly encrypted data. Both enterprises and the public must strengthen their guard.

Enterprises should apply good IT security management practices, especially for those who carry out 'Bring-Your-Own-Device' or engage in Internet of Things in their business operations. They should also conduct awareness training for staff on scam emails. It is always a good practice to verify suspicious requests for fund transfers.

On the other hand, the public should use strong password and two-factor authentication, and take due care when using public Wi-Fi, opening emails and visiting websites.